package com.zhiying.config;

import java.util.Date;

import javax.servlet.http.HttpServletRequest;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import com.zhiying.domain.CMS_User;
import com.zhiying.domain.UserLoginLog;
import com.zhiying.service.LoginService;
import com.zhiying.service.MenuService;
import com.zhiying.until.ipadderss.IpAddress;

public class UserRealm extends AuthorizingRealm {


	@Autowired
	private LoginService loginService;

	@Autowired
	private MenuService menuService;	

	IpAddress ip;
	//授权
	@Override                   
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		// TODO Auto-generated method stub
		System.out.println("授权");
		//String name = (String) principals.getPrimaryPrincipal();
		org.apache.shiro.subject.Subject subject=SecurityUtils.getSubject();
		CMS_User user=(CMS_User) subject.getPrincipal();
		SimpleAuthorizationInfo simpleAuthorizationInfo=new SimpleAuthorizationInfo();
		simpleAuthorizationInfo.addRole("admin");
		simpleAuthorizationInfo.addStringPermission("create");
		simpleAuthorizationInfo.addStringPermission("administrator:info:edit");
		simpleAuthorizationInfo.addStringPermission("administrator:role:create");
		simpleAuthorizationInfo.addStringPermission("administrator:list:create");
		
		/*
		 * simpleAuthorizationInfo.addStringPermission("create");
		 * simpleAuthorizationInfo.addStringPermission("create");
		 * simpleAuthorizationInfo.addStringPermission("create");
		 */
		return simpleAuthorizationInfo;

		//        String name = (String) principals.getPrimaryPrincipal();
		//        //添加角色和权限
		//        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
		//
		//        //添加角色
		//        simpleAuthorizationInfo.addRole("admin");
		//
		//        //添加权限
		//        simpleAuthorizationInfo.addStringPermission("create");
		//
		//        return simpleAuthorizationInfo;


	}
	//认证
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
		System.out.println("认证");
		//shiro判断逻辑
		HttpServletRequest req=((ServletRequestAttributes)RequestContextHolder.getRequestAttributes()).getRequest();
		//获取request对象
		UsernamePasswordToken user = (UsernamePasswordToken) token;
		CMS_User cms_user=new CMS_User();
		cms_user.setLoginName(user.getUsername());
		System.out.println(user.getPassword());
		cms_user.setLoginPassword(String.valueOf(user.getPassword()));
		System.out.println(cms_user.getLoginPassword());
		CMS_User newUser = loginService.getUserInfoByUserName(cms_user.getLoginName());

		/*
		 * //盐值 ByteSource credentialsSalt =
		 * ByteSource.Util.bytes(newUser.getLoginName());
		 * System.out.println(credentialsSalt);
		 */
		//System.out.println(user.getUsername());
		if(newUser==null){
			//用户名错误
			//shiro会抛出UnknownAccountException异常
			return null;
			// newUser.getLoginPassword() 是和token中的密码对比的
		}else {
			System.out.println(newUser.getLoginPassword());
			SecurityUtils.getSubject().getSession().setAttribute("loginName",newUser.getLoginName());
			//盐值
			ByteSource credentialsSalt = ByteSource.Util.bytes(newUser.getLoginName());
			System.out.println(credentialsSalt);
			Object obj = new SimpleHash("MD5", user.getPassword(), credentialsSalt, 6);
			System.out.println(obj);
			System.out.println(ip.getIpAddr(req));
			UserLoginLog userLoginLog=new UserLoginLog();
			userLoginLog.setBrowser(ip.getUserBrowser(req));
			userLoginLog.setLoginTime(new Date());
			userLoginLog.setOperatingSystem(ip.getUserOperatingSystem(req));
			userLoginLog.setUserId(newUser.getUserId());
			userLoginLog.setUserIp(ip.getIpAddr(req));
			System.out.println( menuService.insertLoginLog(userLoginLog));
			return new SimpleAuthenticationInfo(newUser,newUser.getLoginPassword(),credentialsSalt,getName());
		}

	}
}


